There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zte mf286r_firmware nordic_mf286r_b06 |
||
zte mf289d_firmware cr_tmoczmf289dv1.0.0b07 |